From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 5 Apr 2021 22:55:30 -0400 Subject: [PATCH] Allow setting OTA public keys from environment variable Change-Id: I23c4acdff039f141afafcd0e736a341992f2f8ec --- core/Makefile | 4 ++++ core/product_config.mk | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/core/Makefile b/core/Makefile index f6c2463439..7f4823a1ac 100644 --- a/core/Makefile +++ b/core/Makefile @@ -1895,6 +1895,10 @@ endif # substitute other keys for this one. OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem +ifneq ($(OTA_KEY_OVERRIDE_DIR),) + OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem +endif + # Generate a file containing the keys that will be read by the # recovery binary. RECOVERY_INSTALL_OTA_KEYS := \ diff --git a/core/product_config.mk b/core/product_config.mk index 9460357ca1..be4bfec75e 100644 --- a/core/product_config.mk +++ b/core/product_config.mk @@ -326,6 +326,11 @@ ENFORCE_SYSTEM_CERTIFICATE_WHITELIST := $(PRODUCT_ARTIFACT_SYSTEM_CERTIFICATE_RE PRODUCT_OTA_PUBLIC_KEYS := $(sort $(PRODUCT_OTA_PUBLIC_KEYS)) PRODUCT_EXTRA_RECOVERY_KEYS := $(sort $(PRODUCT_EXTRA_RECOVERY_KEYS)) +ifneq ($(OTA_KEY_OVERRIDE_DIR),) + PRODUCT_OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem + PRODUCT_EXTRA_RECOVERY_KEYS := $(OTA_KEY_OVERRIDE_DIR)/extra +endif + # Resolve and setup per-module dex-preopt configs. DEXPREOPT_DISABLED_MODULES := # If a module has multiple setups, the first takes precedence.